2. Configuring the SGD Gateway
A. SGD Gateway Architecture Overview
Changing the Maximum Number of AIP Connections
Calculating the Number of AIP Connections
Changing the Maximum Number of HTTP Connections
Calculating the JVM Memory Size
Changing the Binding Port for the SGD Gateway
Using Unencrypted Connections to the SGD Array
Using External SSL Accelerators
How to Enable External SSL Accelerator Support
Using Client Certificates With the SGD Gateway
Enabling the Balancer Manager Application
Enabling the Reflection Service
How to Enable Unauthorized Access to the Reflection Service
How to Enable Authorized Access to the Reflection Service
About the RESTful Web Services
To use this procedure, you must have a client certificate.
# /opt/SUNWsgdg/bin/gateway stop
Add a <needClientAuth> entry to the /opt/SUNWsgdg/etc/gateway.xml file, as follows:
<service id="http-ssl-service" class="SSL"> <needClientAuth>true</needClientAuth> <!-- Decrypts HTTPS traffic --> <subService id="ssl-splitter"> <binding>*</binding> </subService>
Use the keytool command, as follows:
# /opt/SUNWsgdg/java/default/bin/keytool -importcert \ -alias mycert -keystore /opt/SUNWsgdg/proxy/etc/keystore.client \ -file mycert.crt -storepass ‘cat /opt/SUNWsgdg/etc/password‘
In this example, the client certificate mycert.crt is imported into the SGD Gateway client keystore. The client certificate is stored using an alias of mycert.
# /opt/SUNWsgdg/bin/gateway start